-rw-r--r--CHANGELOG20
-rw-r--r--Zotlabs/Module/Photo.php17
-rw-r--r--Zotlabs/Module/Search.php4
-rwxr-xr-xboot.php3
-rw-r--r--include/photos.php20
-rw-r--r--include/text.php2
6 files changed, 33 insertions, 33 deletions
diff --git a/CHANGELOG b/CHANGELOG
index c3e280963..59e8bdfc9 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,23 @@
+Hubzilla 3.8.4 (2018-11-14)
+ - Fix xss issue (thanks to Eduardo)
+ - Implement hook in enotify to be used by superblock
+ - Various css fixes
+ - Improve photo cache handling
+ - Provide a function hz_syslog() to log to syslog
+ - Fix request_target in z_post_url()
+ - Fix plural handling for various languages
+ - Some preparatory work for zot6
+ - Fix warning in gallery addon
+ - Fix date issue on xchan photo update in diaspora and pubcrawl addons
+ - Fix typos in startpage addon
+ - Improve activitypub addressing
+ - Fix taxonomy in activitypub direct messages
+ - Fix syntax error in diaspora addon
+ - New e-learning addon flashcards
+ - Remove DNS check for database connection during installation
+ - Implement timestamps for pconfig
+
+
Hubzilla 3.8.3 (2018-11-05)
- Do not count likes in forum notifications if likes notifications are disabled
- Fix typo in spanish translation which broke javascript
diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php
index 95e3404fb..30e8340e2 100644
--- a/Zotlabs/Module/Photo.php
+++ b/Zotlabs/Module/Photo.php
@@ -4,7 +4,6 @@ namespace Zotlabs\Module;
require_once('include/security.php');
require_once('include/attach.php');
require_once('include/photo/photo_driver.php');
-require_once('include/photos.php');
class Photo extends \Zotlabs\Web\Controller {
@@ -89,10 +88,9 @@ class Photo extends \Zotlabs\Web\Controller {
}
if(! $data) {
- $data = fetch_image_from_url($default,$mimetype);
- }
- if(! $mimetype) {
- $mimetype = 'image/png';
+ $x = z_fetch_url($default,true,0,[ 'novalidate' => true ]);
+ $data = ($x['success'] ? $x['body'] : EMPTY_STR);
+ $mimetype = 'image/png';
}
}
else {
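Review bot: The `image/png` fallback now runs only inside `if(! $data)`, whereas the removed lines applied `if(! $mimetype)` after that block, so a request that arrives here with `$data` already set but `$mimetype` empty no longer gets a default type. Whether such a path exists depends on code above the hunk, which is not visible. If it does, keeping the guard after the block, `if(! $mimetype) $mimetype = 'image/png';`, preserves the old behaviour while still ignoring the fetched response's Content-Type header.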
@@ -200,19 +198,22 @@ class Photo extends \Zotlabs\Web\Controller {
if(isset($resolution)) {
switch($resolution) {
case 4:
- $data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(),$mimetype);
+ $default = get_default_profile_photo();
break;
case 5:
- $data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(80),$mimetype);
+ $default = get_default_profile_photo(80);
break;
case 6:
- $data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(48),$mimetype);
+ $default = get_default_profile_photo(48);
break;
default:
killme();
// NOTREACHED
break;
}
+ $x = z_fetch_url(z_root() . '/' . $default,true,0,[ 'novalidate' => true ]);
+ $data = ($x['success'] ? $x['body'] : EMPTY_STR);
+ $mimetype = 'image/png';
}
}
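Review bot: The default avatar is still fetched over HTTP from the hub's own `z_root()` with `'novalidate' => true` (which, as far as I know, turns off TLS certificate checking in `z_fetch_url`), and when the request fails `$data` becomes `EMPTY_STR` while `$mimetype` is still set to `image/png`. What is done with an empty `$data` is below the hunk, but it looks like the client would receive a zero-byte PNG rather than an error. Since `get_default_profile_photo()` is used as a path relative to the site root, reading it from disk, e.g. `$data = file_get_contents(PROJECT_BASE . '/' . $default);`, would avoid both the loopback request and the unvalidated connection, assuming the file always lives under the install directory. The earlier Photo.php hunk makes the same call with `$default`, whose origin is outside that hunk.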
diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php
index 272bbdac1..838f9d6b9 100644
--- a/Zotlabs/Module/Search.php
+++ b/Zotlabs/Module/Search.php
@@ -227,9 +227,9 @@ class Search extends \Zotlabs\Web\Controller {
}
if($tag)
- $o .= '<h2>' . sprintf( t('Items tagged with: %s'),htmlspecialchars($search, ENT_COMPAT,'UTF-8')) . '</h2>';
+ $o .= '<h2>' . sprintf( t('Items tagged with: %s'),$search) . '</h2>';
else
- $o .= '<h2>' . sprintf( t('Search results for: %s'),htmlspecialchars($search, ENT_COMPAT,'UTF-8')) . '</h2>';
+ $o .= '<h2>' . sprintf( t('Search results for: %s'),$search) . '</h2>';
$o .= conversation($items,'search',$update,'client');
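Review bot: `$search` is now concatenated into the `<h2>` markup with no escaping at the point of output in both branches, so these lines are only safe if every path that assigns `$search` earlier in the function has already HTML-encoded it; that code starts above the hunk and is not visible here. The same applies to `'$s' => $s` in `search()` in include/text.php, where safety now depends on each caller or on searchbox.tpl encoding the value. If the encoding was moved upstream to avoid double-escaping, a comment at each sink such as `// $search is HTML-escaped where it is read from the request; never pass a raw value here` would keep that invariant visible to the next editor. Otherwise the escaping should stay at the sink, preferably as `htmlspecialchars($search, ENT_QUOTES, 'UTF-8')`, since `ENT_COMPAT` leaves single quotes unescaped.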
diff --git a/boot.php b/boot.php
index 612654820..53aad48c9 100755
--- a/boot.php
+++ b/boot.php
@@ -50,10 +50,9 @@ require_once('include/attach.php');
require_once('include/bbcode.php');
define ( 'PLATFORM_NAME', 'hubzilla' );
-define ( 'STD_VERSION', '3.9.4' );
+define ( 'STD_VERSION', '3.9.5' );
define ( 'ZOT_REVISION', '6.0a' );
-
define ( 'DB_UPDATE_VERSION', 1225 );
define ( 'PROJECT_BASE', __DIR__ );
diff --git a/include/photos.php b/include/photos.php
index d0c5f77fc..d5553b495 100644
--- a/include/photos.php
+++ b/include/photos.php
@@ -1011,23 +1011,3 @@ function profile_photo_set_profile_perms($uid, $profileid = 0) {
}
}
}
-
-function fetch_image_from_url($url,&$mimetype) {
-
- $redirects = 0;
- $x = z_fetch_url($url,true,$redirects,[ 'novalidate' => true ]);
- if($x['success']) {
- $hdrs = [];
- $h = explode("\n",$x['header']);
- foreach ($h as $l) {
- list($k,$v) = array_map("trim", explode(":", trim($l), 2));
- $hdrs[strtolower($k)] = $v;
- }
- if (array_key_exists('content-type', $hdrs))
- $mimetype = $hdrs['content-type'];
-
- return $x['body'];
- }
-
- return EMPTY_STR;
-} \ No newline at end of file
diff --git a/include/text.php b/include/text.php
index 6a6d814d7..646bfe749 100644
--- a/include/text.php
+++ b/include/text.php
@@ -1061,7 +1061,7 @@ function micropro($contact, $redirect = false, $class = '', $mode = false) {
function search($s,$id='search-box',$url='/search',$save = false) {
return replace_macros(get_markup_template('searchbox.tpl'),array(
- '$s' => htmlspecialchars($s),
+ '$s' => $s,
'$id' => $id,
'$action_url' => z_root() . $url,
'$search_label' => t('Search'),